Tech Giants To US: Stop Spying

Apple, AOL, Facebook, Google, LinkedIn, Microsoft, Twitter, and Yahoo have asked the US government to limit its data gathering.

Eight technology companies have banded together to ask the US government to reform its surveillance policies and practices.

Apple, AOL, Facebook, Google, LinkedIn, Microsoft, Twitter, and Yahoo on Monday published an open letter to President Obama and members of Congress in which they state that recent revelations about the scope of NSA surveillance highlight "the urgent need to reform government surveillance practices worldwide."

The revelations in question, published over the summer in The Guardian and The Washington Post, were made possible by documents leaked by former NSA contractor Edward Snowden, who is living in Russia for fear of arrest by US authorities.

"The security of users' data is critical, which is why we've invested so much in encryption and fight for transparency around government requests for information," said Google CEO Larry Page in a statement. "This is undermined by the apparent wholesale collection of data, in secret and without independent oversight, by many governments around the world. It's time for reform and we urge the US government to lead the way."

The companies want governments to: set self-imposed limits on their data collection; seek data through intelligence agencies under a clear legal framework; be transparent about government information demands; not require service providers to use in-country infrastructure; and cooperate with one another when seeking data across jurisdictions.

Although the documents provided by Snowden reveal the scope of NSA data collection, this isn't just about the reach of US intelligence agencies. As Forrester analyst James Staten wrote in August, "It's naive and dangerous to think that the NSA's actions are unique. Nearly every developed nation on the planet has a similar intelligence arm which isn't as forthcoming about its procedures for requesting and gaining access to service provider (and ultimately corporate) data."

For several of these companies, this letter adds weight to their ongoing litigation against the US government for permission to disclose the number of national security-related data disclosure orders they receive, which they cannot reveal under current law.

The Obama administration is currently reviewing US surveillance policy, following the initial outcry over the revelations and the subsequent finding that the US eavesdropped on foreign government leaders, friend and foe alike. The non-classified findings of the review are expected to be published in mid-December.

Each of the signatory companies stores data for customers. Much like banks, they depend on customer trust to remain stewards of customer data.

"People won't use technology they don't trust," said Microsoft general counsel and executive VP Brad Smith in a blog post. "Governments have put this trust at risk, and governments need to help restore it."

When the government has access to that data without legal process -- through bulk collection, for example -- and without the knowledge of the company storing the data, corporate assurances of data safety become less credible and customer trust erodes.

That erosion has an estimated cost: The Information Technology & Innovation Foundation (ITIF) has estimated that the US cloud computing industry could lose as much as $35 billion by 2016 from companies that balk at the prospect of unfettered US access to data service providers.

Forrester's Staten argues that the ITIF figure is too low. He said the US cloud computing industry stands to lose as much as $180 billion, or 25% of overall IT service provider revenues, by 2016.

The use of cloud technology is booming, often offering the only way to meet customers', employees', and partners' rapidly rising requirements. But IT pros are rightly nervous about a lack of visibility into the security of data in the cloud. This Dark Reading report, Integrating Vulnerability Management Into The Application Development Process, puts the risk in context and offers recommendations for products and practices that can increase insight -- and enterprise security. (Free registration required.)

It's true that people will stop using technologies that they don't trust but I think that the perceived reaction of the public is a bit overblown. Where were all these cries for the government to stop spying when we found out about Predator? Why is the Snowden incident any different? Even now the public might recognize the name but do they really understand what he did or how he got the information that he has? I suspect that this is only causing a stir because the news cycle has lasted longer than expected. Once news of Snowden dies down we'll be right back to the public being in an out of sight out of mind mentality and they won't think twice about the NSA skimming data.

Two interesting pain points here: One we don't often feel; and other we now plainly can:

On one hand you have Forrester analyst James Staten noting: "It's naive and dangerous to think that the NSA's actions are unique. Nearly every developed nation on the planet has a similar intelligence arm which isn't as forthcoming about its procedures for requesting and gaining access to service provider (and ultimately corporate) data."

On the other hand you have corporate Microsoft general counsel, Brad Smith, whom I've met personally and who does a better job than most in articulating the hidden costs of technology within a mish-mash of multinational legal systems, arguing: "People won't use technology they don't trust. Governments have put this trust at risk, and governments need to help restore it."

In the end, I'm skeptical that we can trust either Big Tech of Government to truly look out for people's privacy. The upshot though is the debate has entered the national conversation and that's a good thing.

In the meantime, I'm still waiting for that app-for-the-common man & woman that can tell us when our data and devices are getting snopped and siphoned and gives us the power to do something about it.

Our data shows these innovators using digital technology in two key areas: providing better products and cutting costs. Almost half of them expect to introduce a new IT-led product this year, and 46% are using technology to make business processes more efficient.

Among 688 respondents to our Mobile Application Development Survey ó up from 350 respondents in 2012 ó 46% have deployed mobile apps, with an additional 24% planning to in the next year. Whatís the holdup for that remaining 30%? Often, itís a lack of expertise.